<?php

session_start();

$username = $_POST['username'];
$password = $_POST['password'];

if ($username&&$password)
{
$connect = mysql_connect("localhost","93583","myjosef") or die("Can't connect. Report to josefcitrine@googlemail.com");
mysql_select_db("93583db3") or die("Can't find database. Report to josefcitrine@googlemail.com");

$query = mysql_query("SELECT * FROM users WHERE username='$username'");

$numrow = mysql_num_rows($query);

if ($numrow!=0)
{

while ($row = mysql_fetch_assoc($query))
{
	$dbusername = $row['username'];
	$dbpassword = $row['password'];
}
if ($username==$dbusername&&$password==$dbpassword)
{
	echo "You're in! <a href='http://thetech.noads.biz/hidden/view/index.php'>Click here to enter the secret area</a>";
	$_SESSION['username']=$dbusername;
}
else {
	echo "Incorrect password!";
}
}
else {
	die("That user doesn't exist!");
}
}
else {
	die("Please enter a username and password!");
}

?>